I am currently working on a project which will be using IIS as it's main web server facing the internet. I was hoping to use something like a Web Application Firewall to increase the security stance of IIS. I am hoping that someone can provide some guidance on which to use and for what reasons.
The two solutions I was looking at was webknights and urlscan, but other options are welcome.